(MFC) Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Note: This example requires Chilkat v9.5.0.89 or greater.

For more information, see https://duo.com/docs/authapi#/auth_status

Chilkat C/C++ Library Downloads MS Visual C/C++ Libs

See Also: Using MFC CString in Chilkat

#include <CkHttp.h>
#include <CkHttpRequest.h>
#include <CkHttpResponse.h>
#include <CkJsonObject.h>
#include <CkStringBuilder.h>

void ChilkatSample(void)
    {
    CkString strOut;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    const char *integrationKey = "DIMS3V5QDVG9J9ABRXC4";
    const char *secretKey = "HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab";

    CkHttp http;

    http.put_Accept("application/json");

    // Use your own hostname here:
    const char *url = "https://api-a03782e1.duosecurity.com/auth/v2/auth";

    // This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
    // generate and send the HMAC signature for the requires based on the integration key and secret key.
    http.put_Login(integrationKey);
    http.put_Password(secretKey);

    CkHttpRequest req;
    req.AddParam("username","matt");
    req.AddParam("factor","push");
    // The device ID can be obtained from the preauth response.  See Duo Preauth Example
    req.AddParam("device","DP6GYVTQ5NK82BMR851F");
    // Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
    req.AddParam("async","1");

    CkHttpResponse *resp = http.PostUrlEncoded(url,req);
    if (http.get_LastMethodSuccess() == false) {
        strOut.append(http.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    strOut.append("status code = ");
    strOut.appendInt(resp->get_StatusCode());
    strOut.append("\r\n");

    CkJsonObject json;
    bool success = json.Load(resp->bodyStr());
    json.put_EmitCompact(false);
    strOut.append(json.emit());
    strOut.append("\r\n");

    if (resp->get_StatusCode() != 200) {
        delete resp;
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Sample successful output:

    // status code = 200

    // {
    //   "stat": "OK",
    //   "response": {
    //     "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
    //   }
    // }

    const char *txid = json.stringOf("response.txid");
    delete resp;

    // Use your own hostname here:
    CkStringBuilder sbUrl;
    sbUrl.Append("https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=");
    sbUrl.Append(txid);

    strOut.append("Auth status URL: ");
    strOut.append(sbUrl.getAsString());
    strOut.append("\r\n");

    CkStringBuilder sbResult;
    const char *responseStatus = 0;
    const char *responseStatus_msg = 0;

    // Wait for a response...
    int i = 0;
    int maxWaitIterations = 100;
    while (i < maxWaitIterations) {
        // Wait 3 seconds.
        http.SleepMs(3000);

        strOut.append("Polling...");
        strOut.append("\r\n");

        resp = http.QuickRequest("GET",sbUrl.getAsString());
        if (http.get_LastMethodSuccess() == false) {
            strOut.append(http.lastErrorText());
            strOut.append("\r\n");
            SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
            return;
        }

        if (resp->get_StatusCode() != 200) {
            strOut.append("error status code = ");
            strOut.appendInt(resp->get_StatusCode());
            strOut.append("\r\n");
            strOut.append(resp->bodyStr());
            strOut.append("\r\n");
            strOut.append("Failed.");
            strOut.append("\r\n");
            delete resp;
            SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
            return;
        }

        // Sample response:

        // 	{
        // 	  "stat": "OK",
        // 	  "response": {
        // 	    "result": "waiting",
        // 	    "status": "pushed",
        // 	    "status_msg": "Pushed a login request to your phone..."
        // 	  }
        // 	}

        json.Load(resp->bodyStr());

        // The responseResult can be "allow", "deny", or "waiting"
        sbResult.Clear();
        json.StringOfSb("response.result",sbResult);
        responseStatus = json.stringOf("response.status");
        responseStatus_msg = json.stringOf("response.status_msg");

        strOut.append(sbResult.getAsString());
        strOut.append("\r\n");
        strOut.append(responseStatus);
        strOut.append("\r\n");
        strOut.append(responseStatus_msg);
        strOut.append("\r\n");
        strOut.append("");
        strOut.append("\r\n");

        delete resp;

        if (sbResult.ContentsEqual("waiting",true) == true) {
            i = i + 1;
        }
        else {
            // Force loop exit..
            i = maxWaitIterations;
        }

    }

    strOut.append("Finished.");
    strOut.append("\r\n");


    SetDlgItemText(IDC_EDIT1,strOut.getUnicode());

    }